Unrated severityNVD Advisory· Published Apr 10, 2007· Updated Apr 23, 2026

CVE-2007-1909

Description

SQL injection vulnerability in login.php in Ryan Haudenschilt Battle.net Clan Script for PHP 1.5.1 and earlier allows remote attackers to execute arbitrary SQL commands via the (1) user or (2) pass parameter.

Affected products

Ryan Haudenschilt/Battle.net Clan Script
cpe:2.3:a:ryan_haudenschilt:battle.net_clan_script:*:*:php:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

osvdb.org/34747nvd
secunia.com/advisories/24838nvd
www.securityfocus.com/bid/23383nvd
www.vupen.com/english/advisories/2007/1313nvd
www.exploit-db.com/exploits/3691nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000